Vigilantes Take Offensive in WikiLeaks Censorship Battle

Share

Vigilantes Take Offensive in WikiLeaks Censorship Battle

Internet vigilantes stepped up attacks in support of WikiLeaks on Wednesday, downing Visa's web site in a widening protest against a handful of companies that banned the secret-spilling site after it began publishing hundreds of secret U.S. diplomatic cables.

The outages, organized by the group Anonymous under the banner "Operation Payback," have taken the battle between WikiLeaks supporters and opponents over web censorship to the streets, so to speak, sparking a series of tit-for-tat retaliations that appeared to be growing at the time this article was posted.

At stake is not just the future of WikiLeaks, the protesters seem to believe, but freedom on the net in general – a principle worth defending by any means possible, however dubious.

"There are people that want to send a message that the Internet is a sovereign territory," according to Barrett Lyon, CEO of 3Crowd and one of the early pioneers in fighting DDoS (distributed denial of service) attacks from 2000 to 2006.

Online speech and corporate attempts to control it have sparked firefights before, but the naked control of commercial service providers over WikiLeaks' cash flow and internet presence has sparked an unprecedented reaction that may not be easily brought to heel.

An Anonymous member or sympathizer wrote to Wired.com to announce the attacks, passing along this statement from the chat channel being used to organize the attack:

We are the clear logic used to unveil wrongdoing. The general public, clouded by misleading information mostly by the media with a political agenda, fails to see and understand this wrongdoing. Because of this, those who do the wrongdoing escape unpunished. Anonymous is here to ensure punishment does not go unserved to those who deserve it.

In an interview, Lyon called the attacks historic in how well-organized the attackers are, estimating as many as 5,000 people may be involved and noting that the organizing site includes an FAQ, a propaganda operation and a radio station.

Anonymous, which has its roots in the uncensored crook of the 4chan message boards, has a history of such attacks, including a recent campaign against the record industry for attacking file sharing sites, mass-infiltrating an online game for kids to protest its stupidity, and an earlier long-running campaign against the Church of Scientology.

The Scientology attacks were investigated by the FBI, and at least one Anonymous member was jailed for his part in clogging Scientology’s websites.

Few who are part of Anonymous are actual “hackers,” and instead join in the attacks by running specialized software provided by more technically adept members. Instruction for which sites to target and when are passed around dedicated online chat channels and websites, creating a sort of online insurgency.

Anonymous' DDoS tool has an unusual twist, according to Lyon, incorporating features that allow members to connect to the botnet voluntarily, rather than mobilizing hijacked zombie machines. It is called LOIC, which stands for "Low Orbit Ion Cannon," and evolved from an open source website load-testing utility. A new feature called Hivemind was added, which connects LOIC to anonops for instructions, and allows members to add their machines to an attack at will.

However the software does not mask a user's IP address, and has generated complaints from its users that it sucks up all their available bandwidth when it's in attack mode.

Despite the high level of organization, Lyon said the attacks themselves are not particularly sophisticated. "It is mediocre, at best," he said. "There is a lot they are doing wrong, and yet they are still succeeding."

Visa.com stopped responding early Wednesday afternoon Pacific time, while Mastercard.com fell at least eight hours earlier and remains unresponsive. Neither company's backend credit-processing systems are affected, though purchases that require a secondary web confirmation (e.g. Verified by Visa and Mastercard SecureCode) are reportedly not working, since they require online verification.

Mastercard, Visa and PayPal all cut off WikiLeaks in the past week, citing violations of their “terms of service” agreements, but no such action has been taken against The New York Times and other publications that are reprinting and reporting on the cables.

The U.S. State Department has called the ongoing publication of the 250,000 diplomatic cables “illegal,” but no charges have been filed against the site. Publishing government documents, even classified ones, is not explicitly illegal in the United States, though it is in England.

WikiLeak's credit card processor Datacell is planning to sue over the shutdown, according to WikiLeaks' Twitter feed.

Anonymous earlier attacked and took down for several hours a Swiss bank that froze an account belonging to WikiLeaks founder Julian Assange. Anonymous is also aiming at PayPal.com, an attack which could, if successful, block financial transactions, but so far that site remains up.

Twitter and Facebook, meanwhile, which have so far refused to ban WikiLeaks, dropped Anonymous late Wednesday, prompting the group to re-register on Twitter within minutes under a new name.

Adding to the insult, Anonymous on Wednesday afternoon publicly posted what looks to be more than 10,000 credit card numbers along with expiration dates, though early analysis indicates the numbers are fake.

On Wednesday, even as its site was inaccessible, Visa sought to assure the public that everything was fine.

"Visa’s processing network, which handles cardholder transactions, is functioning normally, and cardholders can continue to use their cards as they routinely would. Account data is not at risk," the company said in a e-mailed statement.

Visa, however, dodged the question of why it blocked WikiLeaks and seemed to be trying to shrug off the takedown as if no attack were underway.

“Separately, Visa’s corporate website – Visa.com – is currently experiencing heavier-than-normal traffic. The company is taking steps to restore the site to full operations within the next few hours.”

WikiLeaks itself has suffered from denial of service attacks since last Sunday, including one from a “patriotic” hacker. That’s when the site began publishing cables provided to the site by Pfc. Bradley Manning, according to chat logs first reported by Wired.com, who had access to them as part of his work as an intelligence analyst in Iraq. Manning is in jail in Quantico, Virginia, awaiting trial.

Assange is also now in custody in London related to sex-crimes charges in Sweden, which has the organization scrambling to operate. Assange is expected to fight extradition.